
Product Owner, Threat Intelligence, Hunting and Detection


Req ID:  114191
Department:  Group Cyber Security Operations Domain
Division:  Technology
Location:  Melbourne

About Us

ANZ’s 2030 strategy is transforming our bank to win the preference of customers, shareholders and the community.  ANZ will achieve this by focusing on four strategic pillars – customer first, simplicity, resilience and delivering value.  

About the Role

As the Product Owner for Threat Intelligence & Detection, you will lead a multidisciplinary squad of detection engineers, threat hunters, and threat intelligence analysts focused on emerging and actual threats impacting ANZ. Your mission is to use threat intelligence and breach attack simulation tools to understand the threats facing ANZ and identify gaps in our defences, then use this information to drive tactical operational uplift to block these threats, develop new content to detect when these threats are targeting ANZ, and model these threats to drive risk and investment prioritization to ensure we are mitigating our largest cyber risks.

 

Role Type: Permanent
Role Location: Melbourne
Work Hours: Full-time

What will your day look like?

As a Product Owner, your accountabilities include:

 

Threat Intelligence Leadership
Develop and implement an operating model that leverages threat intelligence to provide business value that materially and measurably reduces risk for the bank by taking actions such as:
•    Identify threat actors targeting the bank and model their behaviours
•    Supplement existing security incidents with context from threat intelligence to highlight potential goals, investigation paths and containment actions
•    Model threat actors to inform offensive exercising scenarios (red team)
•    Model threats to inform and quantify our cyber risk position by identifying gaps in our controls and remediation actions
•    Use threat intelligence to understand gaps in our threat detection capability and develop new threat detections to remediate any gaps based on a risk prioritisation framework
•    Oversee excellence in threat intelligence and breach attack simulation capabilities to inform our risk position by applying threat modelling frameworks.
•    Develop threat research capabilities that build upon known threat intelligence to identify additional infrastructure/capabilities/behaviours/goals and use this knowledge to improve our defences (including during an active incident).
•    Develop and maintain collaboration networks within industry to keep abreast of the threat landscape and actions taken at other organisations.

 

Detection Engineering & Threat Hunting
•    Implement frameworks to identify threats at key points in the cyber kill chain to prioritise threat detection development
•    Develop and optimize detection rules and analytics for SIEM and monitoring platforms based on inputs such as red team findings, threat intelligence, and breach attack simulations. 
•    Drive continuous threat hunting to identify potential compromise not identified by real-time alerting.
•    Integrate threat hunting lifecycle into detection processes to identify threats early.
•    Drive critical thinking and analytics to chain signals for high-fidelity threat identification.
•    Identify high impact insider threat risks. 

 

Automation & Innovation
•    Champion automation in detection and intelligence workflows to improve speed and scalability.
•    Innovate, evaluate and implement emerging technologies, including AI-driven threat detection, hunting & response.

 

Governance & Reporting
•    Develop metrics to measure threat intel and detection effectiveness
•    Develop situational awareness reporting where appropriate for priority threats to senior leadership.
•    Ensure adherence to regulatory obligations and maintain strong risk posture through continuous testing.

What will you bring?

Must have 2–3 years’ demonstrated experience in a threat intelligence or SOC management lead role and prior experience in:

 

Leadership & Communication
• Ability to lead high-performing teams under pressure
• Exceptional interpersonal skills, including the ability to inspire, mentor, coach and develop others
• Ability to quickly grasp new content and translate it to squads, leadership and key stakeholders
• Ability to drive continuous improvement and innovation

 

Threat Intelligence & Adversary Analysis
• Ability to research, analyse and profile threat actors, including motivations, capabilities, infrastructure and targeting patterns
• Strong understanding of adversary TTPs across the attack lifecycle (e.g. reconnaissance through impact)
• Proficiency in MITRE ATT&CK, including mapping intelligence and incidents to techniques and sub-techniques
• Experience producing finished intelligence (strategic, operational and tactical) for SOC, engineering and leadership audiences
• Understanding of security vulnerabilities, exploit techniques and methods for detection and remediation
• Ability to collect and assess intelligence from multiple sources (commercial feeds, OSINT, internal telemetry, incident data)
• Strong analytical skills to correlate data and identify patterns, trends and emerging threats
• Experience with intelligence lifecycle management (requirements, collection, analysis, dissemination, feedback)

 

Threat Modelling & Risk Contextualisation
• Experience applying threat modelling frameworks to assess realistic adversary impact
• Ability to identify gaps in detection and prevention controls using threat intelligence
• Skill in translating intelligence into risk-based prioritisation and actionable recommendations

 

Detection Engineering & SOC Integration
• Understanding of how threat intelligence feeds into SIEM use cases, detections and alerting
• Ability to collaborate with SOC, detection engineering and threat hunting teams to operationalise intelligence
• Experience enriching incidents and alerts with intelligence context (actor intent, objectives, next steps)

 

Technical Security Knowledge
• Network technologies and protocols
• Endpoint, identity and cloud security concepts
• Common attack techniques (phishing, malware, credential abuse, lateral movement)
• Familiarity with SIEM, EDR, NDR, threat intelligence platforms and logging sources

 

Research & Continuous Learning
• Proven ability to conduct deep-dive threat research beyond vendor reporting
• Strong awareness of emerging cyber threats, trends and campaigns relevant to financial services

 

Communication & Stakeholder Engagement
• Strong written communication skills to produce clear, concise intelligence reports and briefings
• Ability to communicate complex technical threats in plain language to non-technical stakeholders
• Experience collaborating across cyber functions (SOC, detection engineering, red team, vulnerability management)

 

Professional & Personal Skills
• Strong critical thinking and problem-solving capability
• Ability to operate effectively during active incidents or high-pressure situations
• High level of curiosity, attention to detail and analytical rigour

 

You’re not expected to have 100% of these skills. At ANZ, a growth mindset is at the heart of our culture, so if you have most of these in your toolbox, we’d love to hear from you.

So why join us?

 

From the moment you join ANZ, you'll be doing meaningful work that will shape a world where people and communities thrive.

 

But it's not just our customers who'll feel your impact. You'll feel it too. Because at ANZ, you'll have the resources, opportunities, and support you need to take the next big step in your career.

 

We're a diverse bunch at ANZ in different roles, different locations, doing different things. That's why we have a range of flexible working arrangements, so our people can 'make work, work for them'. We also provide a range of benefits including access to health and wellbeing services and discounts on selected products and services from ANZ and more.

 

At ANZ, you'll be part of an organisation where the different backgrounds, perspectives and life experiences of our people are celebrated. That's because we're committed to building a workplace that reflects the diversity of the communities we serve. We welcome applications from everyone and encourage you to talk to us about any adjustments you may require to our recruitment process or the role itself. If you're a candidate with a disability or access requirement, and have an enquiry about the support provided, please let us know on your application or visit ANZ Accessibility and Inclusion Programs for alternate contact methods.

 

To find out more about working at ANZ, visit https://www.anz.com.au/careers. You can apply for this role by visiting ANZ Careers and searching for reference number 114191.
 

Job Posting End Date

12/05/2026, 11.59pm (Melbourne, Australia)
